I have been going through the posts regarding NAT and I think I am more confused. Here is what I have. I have a 515E 3FE ports. 2 networks on the inside interface routed via VLANs through a 4006. I need to translate the internal network 10.1.0.0/16, and not the other network which is our public stuff.
I am confused as to what Nat I need, PAT??? and Global statements. I do need to set up some acl's to specific host. For example. Our Mail Server has a public IP but I want it behind the firewall, I want all smtp to come only to that server and outbounds smtp traffic from our server to any
I think I have the acl's down but I don't have the slightest idea about global statements and such. I realize I am a bit vague, but I don't know where to begin. (how bout contracting it out....)
I think I found some samples of Nat and Pat. My issue before I can complete that is with routing.
From within the Pix I can ping the router connected to the internet as well has hosts out on the internet. I can ping Hosts on the private network, but I can't get traffic to pass through the pix and communitcate with the 2600 connected to the internet. Below is hopefully a picturial of what I have. My real public class c has been replaced with 192.168.0.0/24
w/ 192.168.0.254 as ip address
Rest of network
i think the route for the 4006 should be
ip route 0.0.0.0 0.0.0.0 10.1.25.1
Is that correct? Also, there are static commands in the PIX that are
192.168.0.0 255.255.255.0 192.168.0.252 connect static, and
10.1.0.0 255.255.0.0 10.1.25.1 connect static.
when ever I try to make a static route for 10.1.0.0 network, it says that it alreay exists. I want to make one to 10.1.254.254. Do I route the ip address of the private interface of pix?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :